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23 October 1978 


NOTE FOR: Mr. Robert W. Gambino 


25X1 a es) 


SUBJECT: | Community-Wide Computer Assisted 
Compartmentation Control System (4C) 


1. Attached is the wrap-up of the 4C Requirements 
Team. It contains questions and reservations received from 
the Community following your call for final comments. Each 
issue is addressed by the Team. Some of them can only be 
resolved in the course of the next phase - development of 
formal specifications. 


2. <A decision to go oF not to go is needed within 
six months or else the data will be out-of-date and the 
knowledgeable people will be scattered. 


3. If there is a decision to go - the next step is 
formation of a "Specifications Team" made up of people from 
CIB, ODP, OC. We think it would be impossible to get ODP and 
OC to contribute manpower resources without a firm commitment 
of funds. No one wants to bet on the come in this day and 
age. Looks like you have to go to the DCI for money or 
decision not to progress. 


4, Recommend you sign and return to me and I'll have 
SSC dissem. 


25X1 
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SECOM-D-392 


MEMORANDUM FOR: Members of the DCI Security Committee 


FROM: Robert W. Gambino 
Chairman 
DCI Security Committee 
SUBJECT: ,-: Community-Wide Computer Assisted 
Compartmentation Control System (4C) (U) 
REFERENCE: ~ SECOM-D-345, 26 June 1978},same Subject 


1. (U) Responses to the Requirements Package were unani- 
mously supportive of the 4C concept, but there were questions 
and reservations about some elements. These are set forth as 
ITEMs, followed by COMMENTs, which have been prepared by the 
4C Requirements Team. 


ITEM A: (U) Paragraph 6.2 of reference describes a system 
which seems based on the assumption that some NFIB members 
wiil choose not to make all, or most, of their SCI record 
holdings avatlable for retrieval by .all other members. Some 
members observed that this would greatly reduce the benefits 
of. AC; | , 


COMMENT: (U) The Requixeavars Team and most of the partici- 
pating organizations have p¥rceived 4C as an information bank 
which can be used to ascertain whether individuals have been 
authorized accesses to SCI, to identify the Sponsors, to ob- 
tain information concerning background investigations, to 
verify term certificationg, etc. It 4s planned that such in- 
formation will be available within secure Government-controlled 
areas from 4C terminals operated by cleared personnel. Under 
such conditions the information will be protected, and its 
ready availability, to people with a need-to-know will reduce 
the telephone calls, cables, memos, ‘and some travel now required 
to perform necessary busiriess. a 03,204 


O 
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Such benefits will be reduced if parti¢ipating organi- 
zations @lect, without sound reasons, to make their récords 
inaccessible*to other NFIB organtzations. : 

There are sound reasons, however, for exceptionally 
tight protection of some records... The 4C systehm must provide 
the option of making a record inaccessible except to the Spon- 
sor and to the Central: Facility. ‘Without such option, some 
members might feel-obliged to withhold certain records, in 
which case the DCI requirement of a complete data base would 
not be satisfied. | a 


ITEM B: (C) There are differing opinions concerning the 

proper classification of the 4C data base, and the question 

of whether 4C° information should be transmitted and ‘storedfin 
compartmented channels, (The draft Requirements Package pro- 
posed that the.data be SECRET and:not. compartmented. The 

final’ package, as 2 resuit of comment to the draft, stated 

that the 4C data base, and 4C informatton transmitted or 
stored, must be classified SECRET and handled via BYE channels.) 


COMMENT: (C) The BSO-CIA, after considering thé reply to the 
draft, agreed that the data base as @ whole should not be 
available outside of BYE channels, and that the classification 
of SECRET was appropriate. ; ; 


Over the years we have handled a similar data base 
(SPECLE) as SECRET. Individual records within such data 
bases have been handled as unclassified and uncompartmented, 
and listingsof all individuals sponsored Dy one. Aacncies/ 
Departments have been handled as GONFIDENTIAL, or even un- 
classified, and uncompartmented. ; 


With existing SCI access approval record-keeping systems 
we have had human intervention at central facilities between 
remote quéries and responses to those remote queries. The 
human intervention has provided protection against releasing 
information to unauthorized individuals or those who have no 
“need-to-know", It has protected. individuals who are under 
cover. It has permitted us‘to assign proper classification, 
and to properly chshnel reports which are transmitted to 
CusStomMmerge.c 2: -—  - oe eee fem warie a ee ie ee eee ee ee 

It is essential to providé sultable protection against 
unauthorized release of information while maintaining efficiency 
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in processing and eccessing 4C information. The Requirements 
Team concluded that, on balance, optimum results would be ob- 
tained by establishing rigorous, security measures (hardware, 
software, personnel, encryption, emanation and physical) for 
the system as a whole. It was assumed that this would encourage 
the input of g11 Sal access appreval records, simplify the 
system's internal security features and encourage members to 
make their records available to other Agencies/Departments 
(see Item A, above). a 

The Specifications Team will give additional attention 
to this problem, and will explore various possibilities for 
improving system efficiency while protecting the information. 


ITEM C: (U) Several members question the plan to implement 
Phase 1 of 4C withopt @ positive commitment to proceed to 
Phases 2 and 3, with all remote stations (CONUS and Overseas) 
sdentified and included in cost estimates. 


COMMENT: .(U) With implementation of Phase 1, dn order to 
achieve a current data base, it is. anticipated that there 
will be increased utilization of cables to expedite the ré¢ 
cording of. indoctrinations or debriefings which occur at 
distant points. The degree. of success in utilization of cable 
facilities may influence the determination of Phase 2 and. 
Phase 3 requirements. ; + 20% 


It is safe. to predict that. there will be changes in the 
locations of activities, the volumes of recordable actions 
at the various: locetions, and there will be changes in methods 


and technology which wil] impact.on requirements and costs of 
Phases 2 and 3. , 


ITEM D: (VJ) Some members, with widely dispersed indoctrina- 
tion/debriefing and certification operations, are dubious about 
their ability to maintain a current 4C data base. 


COMMENT: (U). This Item is, closely related to Item C, above. 
The Requirements Tean, in questioning the economic feagibi- 
lity of placing on-line interective terminals at each of the 
many scattered points around the world, has costed a system 
in which there will be some delay between events and the 
recording of those events in 4C, The 4C system was costed 
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for Phase 2 and Phase 3 expansion only to points having a 
relatively high volunée of activity. During Phase 1, with 
expanded usé of existing cable facilities, there can be great 
improvement in the timeliness of the central data base. 

ITEM B: -(U) Some members have expressed concern about the 
increased work load in developing 4C and in maintaining their 


existing system plus the 4C system after it becomes opera- 
tional. They are dubious about ‘availability of manpower. 


COMMENT: (U} Organizations with large numbers of records and 
existing ADP systems will be expected to provide manpower to 
work with the Bpecifications Téeam-ags required, to assist in 
the convévsidn of deta to 4€ spééi¥ications,; and may need to 
operate padtallél ‘systéns ‘during ad ‘dpérational test period. 
4C is a major project which will not succeed without manpower 
support from participating orgenizattons. 


Adequate ‘support from each ndmber of the Community is 
essential for the suctes$ df°4C. “The Requirements Team did 
not attempt to dssess thé “amount df maripower support which 
will be required from each participdting organization. 


The Requirements Team did not conduct a Costs/Benefits 
analysis, but did conclude that 4C has the potential to re- 
place some existing ADP systems, and eliminate some redundancies 
in keypunching, computer processing, and storage. Also, with 
4C replacing some existing systems, there will be a congid- 
erable reduction in computef® programming in the Community. 
Correction of "bugs" or system enhancements in 4C will bene- 
fit pose ea arth chat eed tab lakh and less work will be 
required to exchange data between Systems. 


ITEM F: (U) Is the CIA paying for all costs, except for. 
salaries of employees who will participate in development, 
operation, and maintenance of 4C? 


COMMENT: {(C} No. Each participating organization will be 
expected to prdvide and prepare apptopriate spacé for peri- 
pheral equipment. ‘The space‘ should’ be ready at the time the 
equipment is @¢heduled for instaliation. ae 


In buildings ‘which are gefviced By Tetrahedron, the par- 
ticipating défganizationsEhoile arginge for installation of 
lines from the Technical Control Facility (In their buiiding) 
to areas where 4Ci'peripheral equipment will be installed. 


an oes 
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ITEM G: .{C) The assumption that the KG-84 would be available 
in time to meet the cryptographic needs of 4C was questioned. 


COMMENT: i (C) It now appours that’ the KG-84 will not be avail- 
able within the expected time frame. Consequently, the KG-34 
would have to be used instead’ of the KG-84. 

; : eres) 2 an eae ; 

: Suey 

ITEM H: (U) Some NFIB members have surfaced possible re- 
quirements for additiéhal terminal equipment and communications 
facilities at locations which were not mentioned during the 
study of requirements. One member advised that a pianned 
centralization of operations would rdéduce such requirements. 
On balance, the responses to’ SECQM-D-345 have indicated an 
increase in Phase 1 requirements for terminals and communi- 
Cations.: os: 27 


2 - 
COMMENT: 1(U)-The Requirements Team costed a central facility 
which can‘service additional remote terminals. If there is 
a decision to implement Phase 1 of 4C with a fixed amount of 
money not sufficient to meet all immediate requirements, it 
may be necessary ta postpone installation of equipment at some 
remote sites, 


ITEM I: (U) There were questéons or comments concerning 
various matters, which were not studied in detail by the 
Requirements Team. Some examples ere: (1) the definitions 
of Data Fields, both required and optional; (Z) the methods 
to be used in updating two systems, when 4C can not replace 
an existing ADP system; (3) the need to maintain an audit 
trail on queries (Privacy Act and security considerations}; 
and (4) the use of AUTODIN, 


COMMENT: (U) With the assistance of participating organiza- 


tions, these are questions which will be addressed and resolved 
by the Specifications Team. 


2. (U) Reservations, as described above, will be con- 
sidered when I participate in discussions of 4C funding. 
You will be notified promptly when the decision is made. 


3. (U) Thank you for your assistance in conducting 
the 4C requirements and costing study. 


Robert W. Gambino 
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